Protect your Joomla 3 admin dashboard from Brute Force logins

The Admin Tools Joomla component can be used to protect your Joomla website against brute force attacks. In a nutshell, a brute force attack is when hackers repeatedly guess your Joomla password over and over again until they get it right and login to your dashboard.

Enabling the password-protect administrator feature within Admin Tools adds another layer of security to your Joomla dashboard, making it even harder for hackers to guess your secure password and get into your dashboard.

In the top menu of your Joomla Dashboard, click Components and then click Admin Tools

Find and click on the button that says Password-protect Administrator

Enter a Username, enter a Password, and then Retype password.

Click the Password-protect button.

As soon as you click the Password-protect button, your admin dashboard will be password protected. You will then be required to type in the username and password that you just setup.

Your Joomla dashboard is now protected from brute force login attempts with an additional layer of security. If there are any bots attempting to guess your passwords, they will now need to guess two sets of username and passwords, making the task much more infeasible.

Thank you for your question. The official Admin Tools page states you can "gain access to your site's administrator back-end is to remove the .htaccess and .htpasswd files from your administrator directory using an FTP application or the File Manager."

You do not need to login to the Joomla Dashboard to use FTP or File manager.
If you have any further questions, feel free to post them below.
Thank you,